The Raccoon Stealer malware first emerged in April 2019 and has since infected thousands of Windows devices around the world. Despite a limited feature set, the popularity of Raccoon Stealer signals a continuous growing trend of the commoditization of malware as it follows a Malware-as-a-Service (MaaS) model.
Raccoon, costing $200 per month to use, is suspected to be of Russian origin and aggressively marketed in underground forums. Prompt 24×7 customer support is offered to community questions and comments on Telegram under the handle “glad0ff”. The handle, and person behind “glad0ff”, has previously been linked to other malware. Raccoon specifically has exploited vulnerabilities in software, leveraged email social engineering tricks, and made use of legit software downloaded from sketchy websites. Once successfully installed, it will communicate with a command-and-control server to gain access to and steal data. This data can be anything from screenshots and credit card info to browser passwords and emails. There are a handful of languages the malware will not target, which indicates where researchers believe the malware originates from.
To learn more about the active attacks, visit here.
Netflix and chill? More like Netflix and new phishing scam. Scammers are using the popular streaming service we all love as bait.
An email will hit your inbox appearing to be from Netflix stating the company is unable to process your credit card for payment, and that the account will be suspended today. This sense of urgency may tempt users to click the link to update their information. However, upon further inspection of the email, there are a few noticeable red flags that the email isn’t authentic. While the Netflix logo is used, it is much smaller and at a much lower resolution than the real version used for official communication. The body of the message is also short yet manages a few obvious spelling mistakes. And, when you place your cursor over the “click here” link you will see a long and strange URL that, if clicked, would drive to a rogue page made out to look like it is part of the Netflix site.
Lastly, the email’s header also provides a clue that the email is a fake. The “from” address says Netflix but adds another long URL, the “to” address does not contain your name, and the subject line is all together long and strange that is unlikely to come from a major corporation. To learn more about the scam, and keep your Netflix viewing safe, visit here.
You’ve probably already heard all about the workout obsession that is the Peloton bike. But did you know their app is available for membership use, with or without owning their bike?
If you own a Peloton bike or tread, the app will automatically come with your membership and give you access to the full workout library. If you don’t own the Peloton equipment, there’s no need to worry; you can simply become a digital studio member to gain an all-access pass to thousands of live and on-demand, instructor-led studio classes. You can immerse yourself in a live studio experience from your phone, tablet, TV, or web browser, to get what you need to meet your goals. The classes aren’t limited to biking only; there’s a mix of running, strength, toning, cycling, yoga, meditation, and outdoor classes available. You can filter classes by type, length, time, and even your favorite music, plus easily track your progress with milestones and streaks. The app allows you to set reminders and build the workout schedule that will fit around your lifestyle.
To learn more about what current members are saying, and how to start subscribing, visit here.